From: Deena Mukundan Date: Fri, 2 May 2025 13:49:48 +0000 (+0200) Subject: [POLICY] Helm changes for data update scalability and prometheus X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=77c47d50665ff2d668d986a2ec735d0ff25de685;p=oom.git [POLICY] Helm changes for data update scalability and prometheus Issue-ID: POLICY-5351 Change-Id: I3ce28730eccc0b69032c5b86d8d88edfaf48da1a Signed-off-by: Deena Mukundan --- diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index 7a4ac1f377..1509c31356 100644 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -19,7 +19,7 @@ apiVersion: v2 description: ONAP Policy name: policy -version: 16.0.8 +version: 16.0.9 dependencies: - name: common diff --git a/kubernetes/policy/components/policy-opa-pdp/Chart.yaml b/kubernetes/policy/components/policy-opa-pdp/Chart.yaml index f776feae35..ead5e8770a 100644 --- a/kubernetes/policy/components/policy-opa-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-opa-pdp/Chart.yaml @@ -19,7 +19,7 @@ apiVersion: v2 description: ONAP Policy OPA PDP (PDP-O) name: policy-opa-pdp -version: 16.0.1 +version: 16.0.2 dependencies: - name: common diff --git a/kubernetes/policy/components/policy-opa-pdp/templates/autoscaling.yaml b/kubernetes/policy/components/policy-opa-pdp/templates/autoscaling.yaml new file mode 100755 index 0000000000..4b2d6d4fa0 --- /dev/null +++ b/kubernetes/policy/components/policy-opa-pdp/templates/autoscaling.yaml @@ -0,0 +1,61 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2025 Deutsche Telekom Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "common.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} + behavior: + scaleDown: + stabilizationWindowSeconds: {{ .Values.autoscaling.stabilizationWindowSeconds}} + policies: + - type: Pods + value: {{ .Values.autoscaling.podScaleDownCount }} + periodSeconds: {{ .Values.autoscaling.periodSecondsPods }} + - type: Percent + value: {{ .Values.autoscaling.podScaleDownPercent }} + periodSeconds: {{ .Values.autoscaling.periodSecondsPercent }} + selectPolicy: {{ .Values.autoscaling.selectPolicy }} +{{- end }} diff --git a/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml index 90ff759bb8..ba74f1dd43 100755 --- a/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-opa-pdp/templates/deployment.yaml @@ -23,7 +23,14 @@ kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: {{- include "common.selectors" . | nindent 4 }} + {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} + {{ end }} + strategy: + type: {{ .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ .Values.updateStrategy.maxSurge }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: @@ -49,10 +56,16 @@ spec: fieldPath: metadata.uid - name: GROUPID value: "{{ .Values.groupIdPrefix }}-$(POD_UID)" + - name: PATCH_GROUPID + value: "{{ .Values.patchGroupIdPrefix }}-$(POD_UID)" - name: LOG_LEVEL value: "{{ .Values.log.loglevel }}" - name: PAP_TOPIC value: "{{ .Values.kafka.topic }}" + - name: PATCH_TOPIC + value: "{{ .Values.kafka.patchtopic }}" + - name: USE_KAFKA_FOR_PATCH + value: "{{ .Values.useKafkaForPatch }}" - name: API_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "login") | indent 10 }} - name: API_PASSWORD @@ -85,6 +98,10 @@ spec: mountPath: /app/bundles - name: logs mountPath: /var/logs + - mountPath: /opt/policies/ + name: opt-policies + - mountPath: /opt/data/ + name: opt-data resources: {{ include "common.resources" . | nindent 12 }} {{- if .Values.nodeSelector }} nodeSelector: @@ -106,4 +123,10 @@ spec: - name: logs emptyDir: sizeLimit: {{ .Values.dirSizes.logDir.sizeLimit }} + - name: opt-policies + emptyDir: + sizeLimit: {{ .Values.dirSizes.optPolicies.sizeLimit }} + - name: opt-data + emptyDir: + sizeLimit: {{ .Values.dirSizes.optData.sizeLimit }} {{- include "common.imagePullSecrets" . | nindent 6 }} diff --git a/kubernetes/policy/components/policy-opa-pdp/values.yaml b/kubernetes/policy/components/policy-opa-pdp/values.yaml index 0971dc8d7f..3f6943015c 100644 --- a/kubernetes/policy/components/policy-opa-pdp/values.yaml +++ b/kubernetes/policy/components/policy-opa-pdp/values.yaml @@ -43,7 +43,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-opa-pdp:1.0.4 +image: onap/policy-opa-pdp:1.0.5 pullPolicy: Always @@ -70,14 +70,12 @@ apiServer: user: policyadmin password: zb!XztG34 -config: - # Event consumption (kafka) properties - kafka: - consumer: - groupId: policy-opa-pdp - app: - listener: - policyPdpPapTopic: policy-pdp-pap +updateStrategy: + type: RollingUpdate + # The number of pods that can be unavailable during the update process + maxUnavailable: 0 + # The number of pods that can be created above the desired amount of pods during an update + maxSurge: 1 securityContext: user_id: 1000 @@ -86,9 +84,12 @@ securityContext: kafka: groupid: "policy-opa-pdp" topic: "policy-pdp-pap" + patchtopic: "opa-pdp-data" useSASL: "true" brokers: "onap-strimzi-kafka-bootstrap.onap:9092" +useKafkaForPatch: false + persistence: enabled: true volumeReclaimPolicy: Retain @@ -125,6 +126,18 @@ readinessCheck: services: - 'policy-pap' +autoscaling: + enabled: true + minReplicas: 1 + maxReplicas: 3 + targetCPUUtilizationPercentage: 70 + stabilizationWindowSeconds: 60 + podScaleDownCount: 1 + periodSecondsPods: 60 + podScaleDownPercent: 10 + periodSecondsPercent: 60 + selectPolicy: "Min" + service: type: ClusterIP name: *componentName @@ -188,8 +201,13 @@ dirSizes: sizeLimit: 100Mi bundleDir: sizeLimit: 5Gi + optPolicies: + sizeLimit: 500Mi + optData: + sizeLimit: 500Mi groupIdPrefix: opa-pdp +patchGroupIdPrefix: opa-pdp-data #Pods Service Account serviceAccount: @@ -209,25 +227,22 @@ metrics: version: '{{ .Chart.Version | replace "+" "_" }}' release: prometheus enabled: true - port: policy-opa-pdp + port: http interval: 60s + path: /metrics isHttps: false basicAuth: enabled: true - externalSecretNameSuffix: policy-opa-pdp-restserver-creds + externalSecretNameSuffix: policy-opa-pdp-api-creds externalSecretUserKey: login externalSecretPasswordKey: password selector: app: '{{ include "common.name" . }}' - chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' - release: '{{ include "common.release" . }}' - heritage: '{{ .Release.Service }}' + helm.sh/chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + app.kubernetes.io/instance: '{{ include "common.release" . }}' + app.kubernetes.io/managed-by: '{{ .Release.Service }}' config: - # Event consumption (kafka) properties - kafka: - consumer: - groupId: policy-opa-pdp app: listener: policyPdpPapTopic: policy-pdp-pap @@ -244,3 +259,8 @@ kafkaUser: type: topic patternType: prefix operations: [ Create, Describe, Read, Write ] + - name: opa-pdp-data + type: topic + patternType: prefix + operations: [ Create, Describe, Read, Write ] + diff --git a/kubernetes/policy/templates/policy-kafka-topics.yaml b/kubernetes/policy/templates/policy-kafka-topics.yaml index c76b181e18..7cb6559f9a 100644 --- a/kubernetes/policy/templates/policy-kafka-topics.yaml +++ b/kubernetes/policy/templates/policy-kafka-topics.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2022 Nordix Foundation +# Modifications Copyright ©2025 Deutsche Telekom # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -49,3 +50,16 @@ spec: config: retention.ms: {{ .Values.config.policyNotificationTopic.retentionMs }} segment.bytes: {{ .Values.config.policyNotificationTopic.segmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.opaPdpDataTopic.name }} + labels: {{- include "common.labels" . | nindent 4 }} + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.opaPdpDataTopic.partitions }} + config: + retention.ms: {{ .Values.config.opaPdpDataTopic.retentionMs }} + segment.bytes: {{ .Values.config.opaPdpDataTopic.segmentBytes }} + diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 32d374f118..2f7f141fe3 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -19,7 +19,7 @@ # Global configuration defaults. ################################################################# global: - prometheusEnabled: false + prometheusEnabled: true postgres: localCluster: true # flag to enable the DB creation via pgo-operator @@ -204,6 +204,11 @@ config: segmentBytes: 1073741824 consumer: groupId: policy-group + opaPdpDataTopic: + name: opa-pdp-data + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 someConfig: blah # application configuration override for postgres